CN103701779A - Method and device for accessing website for second time and firewall equipment - Google Patents
Method and device for accessing website for second time and firewall equipment Download PDFInfo
- Publication number
- CN103701779A CN103701779A CN201310685307.5A CN201310685307A CN103701779A CN 103701779 A CN103701779 A CN 103701779A CN 201310685307 A CN201310685307 A CN 201310685307A CN 103701779 A CN103701779 A CN 103701779A
- Authority
- CN
- China
- Prior art keywords
- url
- website
- address
- value
- time information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a method and a device for accessing a website for a second time and firewall equipment. The method comprises the following steps: A, receiving a first HTTP (Hyper Text Transport Protocol) request message carrying the IP (Internet Protocol) address, a URL (Uniform Resource Locator) and first generation time information of a client; B, judging whether the first HTTP request message is trustable or not, and if so, executing F; otherwise, executing C; C, detecting whether a website which corresponds to the URL is a malicious website or not, if so, executing D, and otherwise, executing F; D, transmitting an HTTP response message to the client; E, receiving a second HTTP request message carrying ID information, an IP address, a URL and second generation time information to generate a table entry in a trustable access chain table, instructing the client to request to access the website which corresponds to the URL once again, and executing A; F, transmitting the first HTTP request message to the website which corresponds to the URL. By adopting the scheme, a special technician does not need to be configured, and high maintainability is achieved.
Description
Technical field
The present invention relates to communication technical field, espespecially a kind of method of secondary access websites, device and firewall box.
Background technology
Along with the development of the Internet (Internet) technology, diverse network security incident takes place frequently.From technical standpoint, attack on Internet gets more and more and is undertaken by World Wide Web (WWW) (Web), the today being becoming increasingly rampant in malicious websites such as fishing, extension horses especially, to existing the website of potential safety hazard to conduct interviews, be easy to cause virus, wooden horse to spread unchecked, cause various important informations to be revealed, thereby be necessary detect and defend for website.
Can, by configuration website prestige security strategy, stop user to conduct interviews to malicious websites, thereby strengthen the ability of resisting malicious websites.Detailed process is, when user wants access websites, can on browser, input URL(uniform resource locator) (Uniform Resource Locator, URL), URL(also can be called web page address, network address) be the address of the resource of the upper standard of Internet, firewall box can be used website prestige security strategy to detect URL, if this URL detected, has security risk, directly stops user's access; Otherwise, allow user access.If user's access request is prevented from, webpage slowly fails to open and without any prompting, user can constantly refresh, and so just causes unnecessary time waste, and reduces user and experience.
In order to address the above problem, can after stoping user's access, be redirected to another website, user just can be notified in time under access is prevented from situation like this, when user wishes to continue this website of access, can only process by the methods such as white list are set, but white list is set, need professional and technical personnel to reconfigure website prestige security strategy, layoutprocedure is very loaded down with trivial details, maintainable poor.
Summary of the invention
The embodiment of the present invention provides a kind of method, device and firewall box of secondary access websites, in order to solve existing secondary, visits loaded down with trivial details, the maintainable poor problem of the layoutprocedure existing in the method for website.
Therefore, according to the embodiment of the present invention, provide a kind of method of secondary access websites, comprising:
A, firewall box receive the first HTML (Hypertext Markup Language) HTTP request message of Internet protocol IP address, uniform resource position mark URL and the first rise time information of carrying client;
B, according to described IP address, described URL, described the first rise time information and credible access chained list, judge that whether a described HTTP request message is credible, if so, carry out F; Otherwise, carry out C;
C, detect whether the website that described URL is corresponding is malicious websites, if malicious websites is carried out D; Otherwise, carry out F;
D, after carrying the sign id information of described firewall box and the http response message of described URL, send to described client, for reminding, website corresponding to URL described in described client is malicious websites;
E, receive after the 2nd HTTP request message that carries described id information, described IP address, described URL and the second rise time information, according to the list item in credible access chained list described in described IP address, described URL and described the second rise time Information generation, and indicate described client website corresponding to URL described in request access again, carry out A;
F, a described HTTP request message is sent to the website that described URL is corresponding.
Concrete, according to described IP address, described URL, described the first rise time information and credible access chained list, judge that whether a described HTTP request message is credible, specifically comprise:
Search the list item that whether comprises described IP address and described URL in described credible access chained list; Or, according to described URL and described IP address computation key Key, using described the first rise time information as value Value, obtain Key/Value couple, search in described credible access chained list whether comprise the list item that described Key/Value is right;
If find, whether the difference of the temporal information in more described the first rise time information and the list item that finds surpasses set point, if surpass, determines that a described HTTP request message is insincere; If do not surpass, determine that a described HTTP request message is credible;
If do not find, determine that a described HTTP request message is insincere.
Concrete, detect whether the website that described URL is corresponding is malicious websites, specifically comprise:
Compared in the prestige storehouse, website of described URL and configuration;
If described URL is present in prestige storehouse, described website, the website that described URL is corresponding is malicious websites;
If described URL is not present in prestige storehouse, described website, the website that described URL is corresponding is not malicious websites.
Concrete, the list item according in credible access chained list described in described IP address, described URL and described the second rise time Information generation, specifically comprises:
According to described URL and described IP address computation key Key, using described the second rise time information as value Value, obtain Key/Value couple, using described Key/Value to the list item in described credible access chained list; Or
Using described IP address, described URL and the list item of described the second rise time information in described credible access chained list.
Concrete, according to described URL and described IP address computation key Key, specifically comprise:
Described URL be take to 4 characters after one group of decimalize numerical value, the decimal system numerical value after converting is added, obtain first and value;
By described IP address decimalize numerical value, be added with value with described first, obtain Key.
The embodiment of the present invention also provides a kind of device of secondary access websites, it is characterized in that, comprising:
Receiving element, carries the first HTML (Hypertext Markup Language) HTTP request message of Internet protocol IP address, uniform resource position mark URL and the first rise time information of client for receiving;
Judging unit, for judging that according to described IP address, described URL, described the first rise time information and credible access chained list whether a described HTTP request message is credible, if so, turns to retransmission unit; Otherwise, turn to detecting unit;
Described detecting unit, whether the website corresponding for detection of described URL is malicious websites, if malicious websites turns to transmitting element; Otherwise, turn to described retransmission unit;
Described transmitting element, for send to described client after carrying the sign id information of firewall box at self place and the http response message of described URL, for reminding, website corresponding to URL described in described client is malicious websites;
Generation unit, for receiving after the 2nd HTTP request message that carries described id information, described IP address, described URL and the second rise time information, according to the list item in credible access chained list described in described IP address, described URL and described the second rise time Information generation, and indicate described client website corresponding to URL described in request access again, turn to described receiving element;
Described retransmission unit, for sending to by a described HTTP request message website that described URL is corresponding.
Concrete, described judging unit, specifically for:
Search the list item that whether comprises described IP address and described URL in described credible access chained list; Or, according to described URL and described IP address computation key Key, using described the first rise time information as value Value, obtain Key/Value couple, search in described credible access chained list whether comprise the list item that described Key/Value is right;
If find, whether the difference of the temporal information in more described the first rise time information and the list item that finds surpasses set point, if surpass, determines that a described HTTP request message is insincere; If do not surpass, determine that a described HTTP request message is credible;
If do not find, determine that a described HTTP request message is insincere.
Concrete, described detecting unit, specifically for:
Compared in the prestige storehouse, website of described URL and configuration;
If described URL is present in prestige storehouse, described website, the website that described URL is corresponding is malicious websites;
If described URL is not present in prestige storehouse, described website, the website that described URL is corresponding is not malicious websites.
Concrete, described generation unit, specifically for:
According to described URL and described IP address computation key Key, using described the second rise time information as value Value, obtain Key/Value couple, using described Key/Value to the list item in described credible access chained list; Or
Using described IP address, described URL and the list item of described the second rise time information in described credible access chained list.
Concrete, described generation unit, specifically for:
Described URL be take to 4 characters after one group of decimalize numerical value, the decimal system numerical value after converting is added, obtain first and value;
By described IP address decimalize numerical value, be added with value with described first, obtain Key.
The embodiment of the present invention also provides a kind of firewall box, comprises the device of above-mentioned secondary access websites.
The Website access method that the embodiment of the present invention provides, device and firewall box, can be by the malicious websites notice client detecting, when client wants continues access, URL corresponding to this website, IP address and the rise time information of client can be added in credible access chained list, thereby just can realize client secondary access websites, this scheme is without special technical staff's configuration, maintainable good.
Accompanying drawing explanation
Fig. 1 is the flow chart of the method for secondary access websites in the embodiment of the present invention;
Fig. 2 is the structural representation of the device of secondary access websites in the embodiment of the present invention.
Embodiment
For existing secondary, visit loaded down with trivial details, the maintainable poor problem of the layoutprocedure existing in the method for website, the embodiment of the present invention provides a kind of method of secondary access websites, the executive agent of the method is firewall box, and flow process as shown in Figure 1, performs step as follows:
S10: the first HTML (Hypertext Markup Language) (Hyper Text Transport Protocol, the HTTP) request message that receives Internet protocol (Internet Protocol, IP) address, URL and the first rise time information of carrying client.
When user wants to access some websites, can send by client a HTTP request message of IP address, URL and the first rise time information of carrying client, the first rise time information is the time of producing a HTTP request message.
S11: judge that according to IP address, URL, the first rise time information and credible access chained list whether a HTTP request message is credible, if so, carry out S15; Otherwise, carry out S12.
S12: whether detect website corresponding to URL is malicious websites, if malicious websites is carried out S13; Otherwise, S15.
If a HTTP request message is insincere, detect whether the website that URL is corresponding is malicious websites.
S13: sending to client after carrying sign (Identification, the ID) information of firewall box and the http response message of URL, is malicious websites for reminding the website that client URL is corresponding.
If malicious websites, and http response message is sent to notice client, what prompting client-requested was accessed is malicious websites, suppose that URL corresponding to website that client will be accessed is http://www.example.com/, the id information of firewall box is designated as devicestring, id information and the URL of the firewall box carrying in http response message can be used as hyperlink, are designated as http://www.example.com/ devicestring.
The id information of firewall box is according to hard disk sequence number and central processing unit (Central Processing Unit, CPU) sequence number generates, hard disk sequence number be firewall box while dispatching from the factory for difference equipment arranges, be unique and read-only, CPU sequence number is also unique and read-only.Therefore, hard disk sequence number and CPU sequence number can be generated to the unique identification of firewall box by md5 encryption algorithm.
S14: receive after the 2nd HTTP request message that carries id information, IP address, URL and the second rise time information, according to the list item in IP address, URL and the credible access chained list of the second rise time Information generation, and indicate client website corresponding to request access URL again, carry out S10.
When client is after http response message, what at this moment in client, show is security alarm webpage, if user wishes to continue this website of access, just can click the hyperlink in http response message, thereby send out the 2nd HTTP request message that carries id information, IP address, URL and the second rise time information.
Firewall box receives after the second http response message, know that client wants continues access website corresponding to this URL, just can be added in credible access chained list according to IP address, URL and the second rise time Information generation list item, and indicating user website corresponding to this URL of request access again.
S15: a HTTP request message sends to the website that URL is corresponding.
In this scheme, can be by the malicious websites notice client detecting, when client wants continues access, URL corresponding to this website, IP address and the rise time information of client can be added in credible access chained list, thereby just can realize client secondary access websites, this scheme is without special technical staff's configuration, maintainable good.
Concrete, in above-mentioned S10, according to IP address, URL, the first rise time information and credible access chained list, judge that whether a HTTP request message is credible, specifically comprise:
Search in credible access chained list and whether comprise; Or, according to URL and IP address computation key Key, using the first rise time information as value Value, obtain Key/Value couple, search in credible access chained list whether comprise the list item that Key/Value is right;
If find, relatively whether the difference of the temporal information in the first rise time information and the list item finding surpasses set point, if surpass, determines that a HTTP request message is insincere; If do not surpass, determine that a HTTP request message is credible;
If do not find, determine that a HTTP request message is insincere.
Can search list item according to the create-rule of the list item in credible access chained list, if the direct preservation of its list item is IP address, URL and temporal information, directly search; If that its list item is preserved is Key/Value couple, first according to a HTTP request message, calculates Key/Value couple, and then search.
The one HTTP request message has the term of validity, can identify by set point the size of the term of validity, if surpass the term of validity, even if comprise the right list item in IP address and URL or Key/Value in credible access chained list, a HTTP request message is still incredible.Set point can be set according to actual needs, for example 3,4,5 minutes etc.
Concrete, whether website corresponding to detection URL in above-mentioned S12 is malicious websites, specifically comprises:
Compared in the prestige storehouse, website of URL and configuration;
If URL is present in prestige storehouse, website, the website that URL is corresponding is malicious websites;
If URL is not present in prestige storehouse, website, the website that URL is corresponding is not malicious websites.
Can prestige storehouse, pre-configured website, in prestige storehouse, website, preserve URL corresponding to malicious websites, when whether detection website corresponding to URL is malicious websites, just this URL and prestige storehouse, website can be compared, website corresponding to URL that is only present in prestige storehouse, website is only malicious websites, and website corresponding to URL that is not present in prestige storehouse, website is security website.
Concrete, in above-mentioned 13 according to the list item in IP address, URL and the credible access chained list of the second rise time Information generation, specifically comprise:
According to URL and IP address computation key Key, using the second rise time information as value Value, obtain Key/Value couple, using Key/Value to the list item in credible access chained list; Or
Using IP address, URL and the list item of the second rise time information in credible access chained list.
Concrete, above-mentioned according to URL and IP address computation key Key, specifically comprise:
URL be take to 4 characters after one group of decimalize numerical value, the decimal system numerical value after converting is added, obtain first and value;
By IP address decimalize numerical value, be added with value with first, obtain Key.
Based on same inventive concept, the embodiment of the present invention provides a kind of device of secondary access websites, and this device can be arranged in firewall box, and structure as shown in Figure 2, comprising:
Receiving element 20, carries a HTTP request message of IP address, URL and the first rise time information of client for receiving.
Judging unit 21, for judging that according to IP address, URL, the first rise time information and credible access chained list whether a HTTP request message is credible, if so, turns to retransmission unit 25; Otherwise, turn to detecting unit 22.
Detecting unit 22, whether the website corresponding for detection of URL is malicious websites, if malicious websites turns to transmitting element 23; Otherwise, turn to retransmission unit 25.
Transmitting element 23, for send to client after carrying the sign id information of firewall box at self place and the http response message of URL, is malicious websites for reminding the website that client URL is corresponding.
Concrete, above-mentioned judging unit 21, specifically for:
Search the list item that whether comprises IP address and URL in credible access chained list; Or, according to URL and IP address computation key Key, using the first rise time information as value Value, obtain Key/Value couple, search in credible access chained list whether comprise the list item that Key/Value is right;
If find, relatively whether the difference of the temporal information in the first rise time information and the list item finding surpasses set point, if surpass, determines that a HTTP request message is insincere; If do not surpass, determine that a HTTP request message is credible;
If do not find, determine that a HTTP request message is insincere.
Concrete, above-mentioned detecting unit 22, specifically for:
Compared in the prestige storehouse, website of URL and configuration;
If URL is present in prestige storehouse, website, the website that URL is corresponding is malicious websites;
If URL is not present in prestige storehouse, website, the website that URL is corresponding is not malicious websites.
Concrete, above-mentioned generation unit 24, specifically for:
According to URL and IP address computation key Key, using the second rise time information as value Value, obtain Key/Value couple, using Key/Value to the list item in credible access chained list; Or
Using IP address, URL and the list item of the second rise time information in credible access chained list.
Concrete, above-mentioned generation unit 24, specifically for:
URL be take to 4 characters after one group of decimalize numerical value, the decimal system numerical value after converting is added, obtain first and value;
By IP address decimalize numerical value, be added with value with first, obtain Key.
The present invention is with reference to describing according to flow chart and/or the block diagram of the method for the embodiment of the present invention, equipment (system) and computer program.Should understand can be in computer program instructions realization flow figure and/or block diagram each flow process and/or the flow process in square frame and flow chart and/or block diagram and/or the combination of square frame.Can provide these computer program instructions to the processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing device to produce a machine, the instruction of carrying out by the processor of computer or other programmable data processing device is produced for realizing the device in the function of flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame appointments.
These computer program instructions also can be stored in energy vectoring computer or the computer-readable memory of other programmable data processing device with ad hoc fashion work, the instruction that makes to be stored in this computer-readable memory produces the manufacture that comprises command device, and this command device is realized the function of appointment in flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame.
These computer program instructions also can be loaded in computer or other programmable data processing device, make to carry out sequence of operations step to produce computer implemented processing on computer or other programmable devices, thereby the instruction of carrying out is provided for realizing the step of the function of appointment in flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame on computer or other programmable devices.
Although described optional embodiment of the present invention, once those skilled in the art obtain the basic creative concept of cicada, can make other change and modification to these embodiment.So claims are intended to be interpreted as all changes and the modification that comprise optional embodiment and fall into the scope of the invention.
Obviously, those skilled in the art can carry out various changes and modification and not depart from the spirit and scope of the embodiment of the present invention the embodiment of the present invention.Like this, if within these of the embodiment of the present invention are revised and modification belongs to the scope of the claims in the present invention and equivalent technologies thereof, the present invention is also intended to comprise these changes and modification interior.
Claims (11)
1. a method for secondary access websites, is characterized in that, comprising:
A, firewall box receive the first HTML (Hypertext Markup Language) HTTP request message of Internet protocol IP address, uniform resource position mark URL and the first rise time information of carrying client;
B, according to described IP address, described URL, described the first rise time information and credible access chained list, judge that whether a described HTTP request message is credible, if so, carry out F; Otherwise, carry out C;
C, detect whether the website that described URL is corresponding is malicious websites, if malicious websites is carried out D; Otherwise, carry out F;
D, after carrying the sign id information of described firewall box and the http response message of described URL, send to described client, for reminding, website corresponding to URL described in described client is malicious websites;
E, receive after the 2nd HTTP request message that carries described id information, described IP address, described URL and the second rise time information, according to the list item in credible access chained list described in described IP address, described URL and described the second rise time Information generation, and indicate described client website corresponding to URL described in request access again, carry out A;
F, a described HTTP request message is sent to the website that described URL is corresponding.
2. the method for claim 1, is characterized in that, according to described IP address, described URL, described the first rise time information and credible access chained list, judges that whether a described HTTP request message is credible, specifically comprises:
Search the list item that whether comprises described IP address and described URL in described credible access chained list; Or, according to described URL and described IP address computation key Key, using described the first rise time information as value Value, obtain Key/Value couple, search in described credible access chained list whether comprise the list item that described Key/Value is right;
If find, whether the difference of the temporal information in more described the first rise time information and the list item that finds surpasses set point, if surpass, determines that a described HTTP request message is insincere; If do not surpass, determine that a described HTTP request message is credible;
If do not find, determine that a described HTTP request message is insincere.
3. the method for claim 1, is characterized in that, detects whether the website that described URL is corresponding is malicious websites, specifically comprises:
Compared in the prestige storehouse, website of described URL and configuration;
If described URL is present in prestige storehouse, described website, the website that described URL is corresponding is malicious websites;
If described URL is not present in prestige storehouse, described website, the website that described URL is corresponding is not malicious websites.
4. the method for claim 1, is characterized in that, the list item according in credible access chained list described in described IP address, described URL and described the second rise time Information generation, specifically comprises:
According to described URL and described IP address computation key Key, using described the second rise time information as value Value, obtain Key/Value couple, using described Key/Value to the list item in described credible access chained list; Or
Using described IP address, described URL and the list item of described the second rise time information in described credible access chained list.
5. method as claimed in claim 4, is characterized in that, according to described URL and described IP address computation key Key, specifically comprises:
Described URL be take to 4 characters after one group of decimalize numerical value, the decimal system numerical value after converting is added, obtain first and value;
By described IP address decimalize numerical value, be added with value with described first, obtain Key.
6. a device for secondary access websites, is characterized in that, comprising:
Receiving element, carries the first HTML (Hypertext Markup Language) HTTP request message of Internet protocol IP address, uniform resource position mark URL and the first rise time information of client for receiving;
Judging unit, for judging that according to described IP address, described URL, described the first rise time information and credible access chained list whether a described HTTP request message is credible, if so, turns to retransmission unit; Otherwise, turn to detecting unit;
Described detecting unit, whether the website corresponding for detection of described URL is malicious websites, if malicious websites turns to transmitting element; Otherwise, turn to described retransmission unit;
Described transmitting element, for send to described client after carrying the sign id information of firewall box at self place and the http response message of described URL, for reminding, website corresponding to URL described in described client is malicious websites;
Generation unit, for receiving after the 2nd HTTP request message that carries described id information, described IP address, described URL and the second rise time information, according to the list item in credible access chained list described in described IP address, described URL and described the second rise time Information generation, and indicate described client website corresponding to URL described in request access again, turn to described receiving element;
Described retransmission unit, for sending to by a described HTTP request message website that described URL is corresponding.
7. device as claimed in claim 6, is characterized in that, described judging unit, specifically for:
Search the list item that whether comprises described IP address and described URL in described credible access chained list; Or, according to described URL and described IP address computation key Key, using described the first rise time information as value Value, obtain Key/Value couple, search in described credible access chained list whether comprise the list item that described Key/Value is right;
If find, whether the difference of the temporal information in more described the first rise time information and the list item that finds surpasses set point, if surpass, determines that a described HTTP request message is insincere; If do not surpass, determine that a described HTTP request message is credible;
If do not find, determine that a described HTTP request message is insincere.
8. device as claimed in claim 6, is characterized in that, described detecting unit, specifically for:
Compared in the prestige storehouse, website of described URL and configuration;
If described URL is present in prestige storehouse, described website, the website that described URL is corresponding is malicious websites;
If described URL is not present in prestige storehouse, described website, the website that described URL is corresponding is not malicious websites.
9. device as claimed in claim 6, is characterized in that, described generation unit, specifically for:
According to described URL and described IP address computation key Key, using described the second rise time information as value Value, obtain Key/Value couple, using described Key/Value to the list item in described credible access chained list; Or
Using described IP address, described URL and the list item of described the second rise time information in described credible access chained list.
10. device as claimed in claim 9, is characterized in that, described generation unit, specifically for:
Described URL be take to 4 characters after one group of decimalize numerical value, the decimal system numerical value after converting is added, obtain first and value;
By described IP address decimalize numerical value, be added with value with described first, obtain Key.
11. 1 kinds of firewall boxs, is characterized in that, comprise the device of the secondary access websites as described in as arbitrary in claim 6-10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310685307.5A CN103701779B (en) | 2013-12-13 | 2013-12-13 | Method and device for accessing website for second time and firewall equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310685307.5A CN103701779B (en) | 2013-12-13 | 2013-12-13 | Method and device for accessing website for second time and firewall equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103701779A true CN103701779A (en) | 2014-04-02 |
| CN103701779B CN103701779B (en) | 2017-02-22 |
Family
ID=50363176
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310685307.5A Active CN103701779B (en) | 2013-12-13 | 2013-12-13 | Method and device for accessing website for second time and firewall equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103701779B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104766014A (en) * | 2015-04-30 | 2015-07-08 | 安一恒通(北京)科技有限公司 | Method and system used for detecting malicious website |
| CN106603575A (en) * | 2017-02-06 | 2017-04-26 | 恒安嘉新(北京)科技有限公司 | Network-side-based active detection and real-time prompting method, apparatus, and system for internet-surfing security |
| WO2017167208A1 (en) * | 2016-03-29 | 2017-10-05 | 腾讯科技(深圳)有限公司 | Method and apparatus for recognizing malicious website, and computer storage medium |
| CN107836101A (en) * | 2015-06-27 | 2018-03-23 | 迈克菲有限责任公司 | Goodwill for URL |
| CN108768934A (en) * | 2018-04-11 | 2018-11-06 | 北京立思辰新技术有限公司 | Rogue program issues detection method, device and medium |
| CN109995889A (en) * | 2018-01-02 | 2019-07-09 | 中国移动通信有限公司研究院 | Update method, device, gateway and the storage medium of mapping table |
| CN110086754A (en) * | 2018-01-26 | 2019-08-02 | 北京金山云网络技术有限公司 | A kind of resource screen method, device, electronic equipment and readable storage medium storing program for executing |
-
2013
- 2013-12-13 CN CN201310685307.5A patent/CN103701779B/en active Active
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016173200A1 (en) * | 2015-04-30 | 2016-11-03 | 安一恒通(北京)科技有限公司 | Malicious website detection method and system |
| US10567407B2 (en) | 2015-04-30 | 2020-02-18 | Iyuntian Co., Ltd. | Method and system for detecting malicious web addresses |
| CN104766014A (en) * | 2015-04-30 | 2015-07-08 | 安一恒通(北京)科技有限公司 | Method and system used for detecting malicious website |
| CN104766014B (en) * | 2015-04-30 | 2017-12-01 | 安一恒通(北京)科技有限公司 | For detecting the method and system of malice network address |
| CN107836101A (en) * | 2015-06-27 | 2018-03-23 | 迈克菲有限责任公司 | Goodwill for URL |
| WO2017167208A1 (en) * | 2016-03-29 | 2017-10-05 | 腾讯科技(深圳)有限公司 | Method and apparatus for recognizing malicious website, and computer storage medium |
| US10834105B2 (en) | 2016-03-29 | 2020-11-10 | Tencent Technology (Shenzhen) Company Limited | Method and apparatus for identifying malicious website, and computer storage medium |
| CN106603575A (en) * | 2017-02-06 | 2017-04-26 | 恒安嘉新(北京)科技有限公司 | Network-side-based active detection and real-time prompting method, apparatus, and system for internet-surfing security |
| CN106603575B (en) * | 2017-02-06 | 2020-05-26 | 恒安嘉新(北京)科技股份公司 | Network side-based active internet surfing safety detection and real-time reminding method, device and system |
| CN109995889A (en) * | 2018-01-02 | 2019-07-09 | 中国移动通信有限公司研究院 | Update method, device, gateway and the storage medium of mapping table |
| CN109995889B (en) * | 2018-01-02 | 2022-02-25 | 中国移动通信有限公司研究院 | Method and device for updating mapping relation table, gateway equipment and storage medium |
| CN110086754A (en) * | 2018-01-26 | 2019-08-02 | 北京金山云网络技术有限公司 | A kind of resource screen method, device, electronic equipment and readable storage medium storing program for executing |
| CN108768934A (en) * | 2018-04-11 | 2018-11-06 | 北京立思辰新技术有限公司 | Rogue program issues detection method, device and medium |
| CN108768934B (en) * | 2018-04-11 | 2021-09-07 | 北京立思辰新技术有限公司 | Malicious program release detection method, device and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103701779B (en) | 2017-02-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109040316B (en) | HTTP service processing method and device | |
| CN103701779A (en) | Method and device for accessing website for second time and firewall equipment | |
| US10182324B2 (en) | Contextual deep linking of applications | |
| US11886619B2 (en) | Apparatus and method for securing web application server source code | |
| WO2017084508A1 (en) | Method and device for automatically burying points | |
| KR102105636B1 (en) | Installing application remotely | |
| US10212179B2 (en) | Method and system for checking security of URL for mobile terminal | |
| US20160006760A1 (en) | Detecting and preventing phishing attacks | |
| CN103095681A (en) | Loophole detection method and device | |
| CN102724187A (en) | Method and device for safety detection of universal resource locators | |
| CN106992975B (en) | Malicious website identification method and device | |
| WO2017036059A1 (en) | Method, apparatus, terminal device and system for monitoring user access behaviors | |
| CN104767747A (en) | Click jacking safety detection method and device | |
| US8789177B1 (en) | Method and system for automatically obtaining web page content in the presence of redirects | |
| CN103118033B (en) | A kind of defend user website to be tampered method and device | |
| EP2854363B1 (en) | Polluting results of vulnerability scans | |
| US10474810B2 (en) | Controlling access to web resources | |
| JP2007193415A (en) | Web content sharing system, server device, information processing terminal device, operation restriction method, and program | |
| US10095791B2 (en) | Information search method and apparatus | |
| JP5383923B1 (en) | Information processing apparatus, information processing system, information processing method, and program | |
| WO2014101647A1 (en) | Method and apparatus for installing webpage application | |
| WO2018075695A1 (en) | Host pair detection | |
| CN110557507B (en) | File transmission method and device, electronic equipment and computer readable storage medium | |
| EP3502925B1 (en) | Computer system and method for extracting dynamic content from websites | |
| US9177074B2 (en) | System and method for confirming authorship of documents |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100089 Beijing city Haidian District Road No. 4 North wa Yitai three storey building Patentee after: NSFOCUS Technologies Group Co.,Ltd. Patentee after: NSFOCUS TECHNOLOGIES Inc. Address before: 100089 Beijing city Haidian District Road No. 4 North wa Yitai three storey building Patentee before: NSFOCUS INFORMATION TECHNOLOGY Co.,Ltd. Patentee before: NSFOCUS TECHNOLOGIES Inc. |